
Midie.83684 removal instruction

Malware Removal

Midie.83684 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to perform a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Midie.83684 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)
  • Stack pivoting was detected when using a critical API
  • Creates a hidden or system file
  • Checks the version of Bios, possibly for anti-virtualization
  • CAPE detected injection into a browser process, likely for Man-In-Browser (MITB) infostealing
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Midie.83684?

File Info:

name: CCF631EE74FDCBF82940.mlw
path: /opt/CAPEv2/storage/binaries/7ba80d06e99efcb2f23a64d673481df3bb1e50cc378e0107043d1ccce277035a
crc32: 5ACB9D71
md5: ccf631ee74fdcbf82940b77e9e9d5832
sha1: a7e8d5742d0e4a9fc547ad0cae89b230d781fb2c
sha256: 7ba80d06e99efcb2f23a64d673481df3bb1e50cc378e0107043d1ccce277035a
sha512: 75c757ef5d21c150360cee8444a154816af573f5e2e9b6a3c634f9baf38415b1474a1fe299739ff531bd6162526e43f5298c166597abec45c9db1894ef5979a8
ssdeep: 49152:I+FRBNWQDV8Kp6F8ftDSe9mLdx8kSogcwzXToFPWfYV4T+LeA:IOWuV8KuSog1UWQV4TR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T185169D22B384953EC46B1B36156BA7B4893FBF202A12CE5B57F46C5C8F32591393E253
sha3_384: 2a86146ace828f0f22cb7ec1b556e75678e8c42923b53c51f0de38ab1d88034938e18b4e72f9c845c92db506e6d3dab6
ep_bytes: eb1066623a432b2b484f4f4b90e9b0c0
timestamp: 2020-10-06 00:20:50

Version Info:

CompanyName: Oracle Corporation
FileDescription: MySQL Utilities 1.6.5 Installer
FileVersion: 1.0.0.0
ProgramID: com.embarcadero.Project1
ProductName: Project1
ProductVersion: 1.0.0.0
Translation: 0x0409 0x04e4

Midie.83684 also known as:

Lionic: Trojan.Win32.Clomatok.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Midie.83684
FireEye: Generic.mg.ccf631ee74fdcbf8
McAfee: GenericRXAA-AA!CCF631EE74FD
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Malware:Win32/km_2e6f0f2.None
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
BitDefenderTheta: Gen:NN.ZexaF.34742.8N0@aexkZKli
Cyren: W32/Trojan.FWJ.gen!Eldorado
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Clomatok.l
BitDefender: Gen:Variant.Midie.83684
NANO-Antivirus: Trojan.Win32.Redcap.iauzer
Avast: Win32:TrojanX-gen [Trj]
Tencent: Malware.Win32.Gencirc.10ce175f
Ad-Aware: Gen:Variant.Midie.83684
Emsisoft: Gen:Variant.Midie.83684 (B)
Zillya: Trojan.Agent.Win32.1506997
McAfee-GW-Edition: BehavesLike.Win32.BadFile.wh
Sophos: Mal/Generic-S
Ikarus: Trojan.SuspectCRC
GData: Gen:Variant.Midie.83684
Jiangmin: Trojan.Agentb.hvk
Avira: HEUR/AGEN.1206239
MAX: malware (ai score=83)
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Malware/Win32.Generic.C4217199
Acronis: suspicious
VBA32: Trojan.Agentb
ALYac: Gen:Variant.Midie.83684
Malwarebytes: Generic.Trojan.Malicious.DDS
Rising: Trojan.Clomatok!8.122B2 (CLOUD)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.108812250.susgen
Fortinet: W32/Agent.2BE7!tr
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.e74fdc

How to remove Midie.83684?

Midie.83684 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
